adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
61,845 Commits 27 Branches 1,043 Tags
0095613a94b49bd33ab5bb6cb22e56efa56fedca
Commit Graph

2587 Commits

Author SHA1 Message Date
space-r7 0095613a94 add completed module and documentation 2021-09-09 16:58:40 -05:00
Grant Willcox 0e0e3bbcfb Land #15603, Add Geutebruck CVE_2021_335XX command injection module 2021-09-01 10:59:22 -05:00
bwatters ff50a94348 Land #15567, Add in Exploit for CVE-2021-3490 
Merge branch 'land-15567' into upstream-master
 2021-08-31 18:46:25 -05:00
Grant Willcox 0a57641aa4 Add in documentation and module code cleanness improvements and also make the output easier for readers to understand should something fail midway through. 2021-08-31 18:24:57 -05:00
Grant Willcox 30a7ee1bf2 Final very minor documentation fixes for better clarity 2021-08-31 18:24:56 -05:00
Your Name 56cde3eaba Add Geutebruck CVE_2021_335XX command injections module 2021-08-31 18:24:14 -05:00
Grant Willcox 3bca3b0bcb Update exploit code to use & after the command to execute as root so it executes in the background and doesn't hang Metasploit. Also update the logic of the code to check the response from executing the exploit and respond accordingly and update the documentation to match 2021-08-31 15:07:37 -05:00
Tim W 6c0b90eabb Land #15532, add module for CVE-2021-21300 and git mixins 2021-08-26 18:26:04 +01:00
Spencer McIntyre 674628e600 Land #15384, Improve Windows RDLL injection 2021-08-26 12:11:44 -04:00
Grant Willcox 6f9b06fb4b Add in Manfred Paul's original blog post and chompie1337's original PoC to the list of links. Also add in a relatively detailed description of how to add in new targets to this exploit to the documentation in case that helps anyone down the line 2021-08-25 18:09:07 -05:00
Grant Willcox 5a80e9678c Address Spencer's comments and remove changes that don't directly use the DLL injection library API change 2021-08-24 16:34:01 -05:00
Grant Willcox bd490d35ed Add support for Linux 5.11.x on Fedora 2021-08-23 15:09:10 -05:00
Grant Willcox db5ac81ecf Fix up mistakes bcoles pointed out and also add in a check to ensure we are only targetting x64 systems 2021-08-23 13:23:40 -05:00
Grant Willcox e46611cffb Add in support for exploiting Fedora 32 with Linux kernel 5.10.12 2021-08-20 18:04:59 -05:00
Grant Willcox 75ae2b76f5 Add support for Fedora 32 Linux Kernel 5.9.8-100 and also fix an error where the wrong file was being used for Fedora 32 Linux Kernel 5.8.8. 2021-08-20 16:50:20 -05:00
Grant Willcox 5abf407228 Add support for Fedora 32 with Linux Kernel 5.8.8-200 2021-08-20 15:42:34 -05:00
Grant Willcox dd806a9d61 Add in support for Fedora 32 running kernel 5.7.11-200 2021-08-20 13:37:52 -05:00
William Vu e480e868b9 Remove dead cisco_rv130_rmi_rce documentation 
It is now cve_2019_1663_cisco_rmi_rce.
 2021-08-20 05:06:00 -05:00
Grant Willcox b479cb61a4 Add in scenario for Ubuntu 20.04.02 LTS and show that its still working as expected 2021-08-19 15:05:03 -05:00
Grant Willcox b60ad3ee26 Fix up mistakes I noticed whilst doing edits on the code as well as some mistakes identified during peer review 2021-08-19 13:55:54 -05:00
William Vu 31796c6236 Land #15561, ProxyShell exploit 2021-08-19 10:31:02 -05:00
wvu bcf00a0d3a Update exchange_proxyshell_rce.md 2021-08-18 14:38:56 -05:00
Spencer McIntyre 75e63992d6 Write an exploit for ProxyShell 2021-08-18 10:50:34 -04:00
Grant Willcox d5df47692c Add in first copy of the exploit along with the supporting source code and binaries. Documentation to come 2021-08-17 18:01:14 -05:00
William Vu 521ca14773 Add Lucee Administrator CVE-2021-21307 exploit 2021-08-16 10:09:34 -05:00
space-r7 c9bdd96c76 remove GIT_HOOK option 
post-checkout is the only hook that will work
with this exploit, so no option is needed. Also update
the documentation to reflect that.
 2021-08-12 10:18:13 -05:00
Shelby Pace 0fe761b838 modify options and add documentation 2021-08-12 10:18:12 -05:00
Spencer McIntyre 82cc8526d4 Land #15501, Add CVE-2019-11580 (Atlassian Crowd) 2021-08-12 09:38:31 -04:00
Grant Willcox 85ef49a79c Land #15535, Update psexec module to use SMBSHARE option name for consistency 2021-08-11 17:41:38 -05:00
Grant Willcox 5fdf990f24 Land #15519, Lexmark Universal Print Driver Local Privilege Escalation 2021-08-11 15:03:53 -05:00
Grant Willcox 92327461d3 Add in driver installation instructions to documentation 2021-08-11 14:40:21 -05:00
Grant Willcox 7b25bd366f Update documentation and fix a few typos so that it reflects latest changes 2021-08-11 12:25:36 -05:00
Jacob Baines afa3d92774 Switched to upnp implementation 2021-08-10 18:17:18 -04:00
adfoster-r7 b9d2f30bbd Update psexec module to use SMBSHARE option name for consistency 2021-08-10 13:17:57 +01:00
Grant Willcox 55404ff29f Further fixes from review and further touch up edits 2021-08-09 14:23:05 -05:00
Grant Willcox f8d838bba2 Fix first round of comments from the review process 2021-08-09 12:13:27 -05:00
Grant Willcox 838142362c Apply first round of updates from review comments to improve explanations of the vulnerability and fix some minor issues 2021-08-09 09:59:09 -05:00
Jacob Baines 0e41a0e81e Addressed all but one review items 2021-08-07 06:46:49 -04:00
Jacob Baines 8d699c0c4e Addressed various review comments 2021-08-06 14:55:50 -04:00
Grant Willcox ade653f0bf Final fixup edits to change the timeout value to be an advanced option and also to use send_req_cgi 2021-08-05 13:10:24 -05:00
Jacob Baines f851faf2e4 Initial commit for Canon driver exploit 2021-08-05 11:17:45 -04:00
Grant Willcox 00cfdc4f17 Use Faker to generate a fake app name, add in option to specify timeout to server, and also fix Alan's remaining review comments 2021-08-05 09:46:34 -05:00
Jacob Baines e6c48db072 Initial version of CVE-2021-35449 2021-08-04 16:08:43 -04:00
Grant Willcox 0d7d5ab93f Switch over to Rex::MIME::Message to use our built in mixins, and also fix last remaining review comments 2021-08-02 11:17:26 -05:00
Grant Willcox 27f70af1b3 Fix up some of the mistakes wvu pointed out 2021-07-30 15:28:10 -05:00
Grant Willcox 3427571887 Push up working CVE-2019-11580 exploit and associated documentation 2021-07-30 12:07:12 -05:00
space-r7 809081bc5f Land #15279, add Pi-Hole lpe 2021-07-29 11:15:17 -05:00
space-r7 0561ae978f fix typos, pihole version in docs 2021-07-29 11:13:58 -05:00
Shelby Pace 183caff15c Land #15418, add modern events calendar rce 2021-07-26 09:45:05 -05:00
Shelby Pace 38ae82155e modify info, fix spacing 2021-07-26 09:43:34 -05:00